LLRX Book Review by Heather A. Phillips – A Guide to HIPAA Security and the Law

The Health Insurance Portability and Accountability Act (HIPAA) was signed into law on August 21, 1996. This landmark legislation affects almost everyone involved in the healthcare process, (among other things) setting new standards for the creation, storage and transmission of Protected Health Information (PHI). In addition to the privacy and security provisions expressly created by HIPAA, the Department of Health and Human Services has promulgated both a Privacy Rule and a Security Rule.

Although the Administrative Simplification Subtitle of HIPAA is intended to increase the ease and efficiency of using electronic transmissions in situations dealing with PHI, many – healthcare practitioners and lawyers alike – have found that coming into compliance with HIPAA’s Security Rule to be challenging.

A Guide to HIPAA Security and the Law aims to clarify the situation. The book begins with a brief but informative discussion of the history of HIPAA and the relationships among the Privacy Rule, Security Rule and HIPAA’s express provisions. The discussion then turns to the range and applicability of Security Rule’s role, providing helpful guidance for practitioners on the implementation of HIPAA security. Next, the book turns to an detailed section-by-section analysis of the HIPAA Security Rule and reports on applicable implementation and enforcement mechanisms. The book concludes with an in-depth discussion on the prospects for litigation relating to HIPAA security. Three appendixes contain useful reference materials such as the US Code sections related to HIPAA Administrative Simplification Provisions and CFR sections related to privacy and security.

While the prose is in no way electrifying, it is both substantial and as concise as the complex subject area will allow. The authors write in a knowledgeable manner, and the book is organized so as to provide useful context for the more technical and abstruse provisions. Overall, it is a resource that will prove to be especially useful for practitioners. Therefore, practice-oriented libraries, such as those supporting in-house counsel of healthcare organizations, or other attorneys practicing in the medical or information security fields will find it worthwhile to purchase this title.

Sabrina is also Researcher/Author of
beSpacific® - Accurate research surfacing documents and resources focused on law, technology, government reports, and knowledge discovery - with a global perspective. Updated daily since 2002 with a searchable database of 40,000 postings.